Author
Topic: Petya Virus Damage (Read 476 times)

So my friend's work computer has been dead since last week. It wiped the MFT table and the boot loader he said. The machine will now not even boot.

Regardless here are some statistics that will blow your mind in his company. They have had 30-75%losses of Windows computers. As of right now they estimate that roughly 35K-45K desktop computer in his company were damaged along with about 15K servers.

He told me tonight that they are running on back up email via a cloud company while they try to bring the servers back up. They lost all the domain controllers, share point and the single sign on servers among other things. He said their desktop PC's had 4 separate security packages including whole disk encryption and it bypassed them all.

He said they received guidance yesterday that they are collecting all the PCs and are going to do a bulk reimaging of them. All people's stuff on them will be gone. If you dont have a backup somewhere you are toast. He said he lost years of work and will have to rebuild. The scary thing is that is the case for pretty much everyone.

He believes Microsoft's days are numbered there. Apparently the CEO told CIO that they want the company's exposure to Microsoft and Windows greatly reduced.

He said lots of companies have been hit but they are being very secretive about the amount of the damage. Crazy stuff.

Hm. It's the NSA's fault for hiring the smartest hackers and making the most insidious malware in existence, and then letting random contractors download and redistribute it.

And then it's the user's fault for not updating Windows.

A patched Windows machine was not vulnerable when this virus hit.

Since your friend's company is run by dummies who don't keep machines patched, how is this Microsoft's fault? Microsoft fixed the bug. This company chose to ignore that.

They can switch to Linux or Mac and also not patch it and get the same results.

Agreed about what you said about the patching. I disabled SMB on my home computers along with some other shit. The fundamental problem with Windows is that there are just to many holes in the OS because Microsoft put in all kinds of backdoor stuff for management, entertainment and god knows what else. With Macs and Linux they don't have all this stuff.

All their IT help desk along with the management of their machines be it Windows, Linux or Unix has been offshored to India. I don't know which company it is (frankly it doesn't matter). He said that they call the help desk the no-help desk .

From what he says they are incompetent but they stick with them because they are cheap. Thats the real driver on this - employee cost. Well now they found out the hard way about being penny wise pound foolish.

What I don't get it is how they bypassed these multiple anti-virus programs. It's not like it's a brand new virus the world has never seen. It's a deja vu. Some gang of hackers somewhere in a Romanian basement outthought Microsoft and Kaspersky and other major corporations of the world and thousands of capable system admins around the world?

And caused such massive damage en masse, consistently? Becoming a major world phenomenon, deserving its own wiki entry? Is Windows really that inherently terrible? Or what?

1-- Microsoft's design goals rank security lower than other competing values. For example, they have long ranked "ease of use" higher than security. That's why things like Remote Assistance and disk sharing on the LAN are ON by default, and why Windows used to automatically run any USB memory stick you'd plug into a Windows computer.

Historically, whenever there's a trade-off between security and ease of use, Microsoft picks ease of use.

Microsoft also ranks "change" and "new features" higher than security and bug fixing. Their revenue critically depends on selling new product, and you can only sell new a Windows version if it looks different than previous versions. So risk and potential bugs are baked into any new Windows version.

Where is MS going to assign its people, fixing Win 8.1 bugs or designing and building Windows 11?

2-- At nearly 60 million lines of code, Windows is far too complex to understand and manage. In contrast, Linux is 15 million LOC. Given its legacy base, MS has less room to manuver with this huge unwieldy code pile.

3-- The Microsoft hiring model hires the smartest people straight out fo the most elite colleges. Hiring the best of experienced engineers would yield much better design and coding. An example -- for years, WIndows was subject to buffer overflow attacks. Brilliant college grads may find that acceptable, any good experienced engineer would not.

Windows is subject to more attacks than Mac or Linux, but it is also inferior code when graded from the standpoint of security. Note that I am ONLY rating security here... this does not mean that Windows rates worse than competing OS's in other respects. It has its advantages and strengths ... but security has never been one of them.